def password_edit_view(request): """ Render the change password form page. Seek the database for the user datas based on user_id used in the route. If the user did not exist then add an error flash message and redirect to the user list. If the user exist then render an empty password form. If the form is validated then change the user password in the database and add success flash message. If the form is not valid, then display again the form with validation errors. :param request: a ``pyramid.request`` object """ _ = request.translate user_id = request.matchdict['user_id'] user = AuthUser.get_by_id(user_id) if not user: request.session.flash(_(u"This user did not exist!"), 'error') return HTTPFound(location=request.route_path('tools.user_list')) form = Form(request, schema=UserPasswordForm, obj=user) if 'form_submitted' in request.params and form.validate(): form.bind(user) DBSession.add(user) request.session.flash(_(u"Password updated."), 'success') return HTTPFound(location=request.route_path('tools.user_list')) return dict(renderer=FormRenderer(form))
def setUp(self): self.settings = settings self.config_uri = config_uri self.engine = engine_from_config(self.settings, prefix='sqlalchemy.') DBSession.configure(bind=self.engine) Base.metadata.bind = self.engine Base.metadata.create_all(self.engine) self.DBSession = DBSession
def get_user_stats(): """ Get basic database statistics. :return: users and groups counts from the database :rtype: dictionary """ usercount = DBSession.query(AuthUser.user_id).count() groupcount = DBSession.query(AuthGroup.group_id).count() return dict(usercount=usercount, groupcount=groupcount)
def rock_add_view(request): _ = request.translate form = RockForm(request.POST) if 'form_submitted' in request.params and form.validate(): rock = Rock() form.populate_obj(rock) DBSession.add(rock) request.session.flash(_(u"Rock added."), 'success') return HTTPFound(location=request.route_path('geo.rock_list')) return dict(form=form)
def zone_add_view(request): _ = request.translate form = ZoneForm(request.POST) if 'form_submitted' in request.params and form.validate(): zone = Zone() form.populate_obj(zone) DBSession.add(zone) request.session.flash(_(u"Zone added."), 'success') return HTTPFound(location=request.route_path('geo.zone_list')) return dict(form=form)
def get_zone_stats(): """ Get basic database statistics. :return: zones and groups counts from the database :rtype: dictionary """ zonecount = DBSession.query(Zone.zone_id).count() groupcount = DBSession.query(Group.group_id).count() rockcount = DBSession.query(Rock.rock_id).count() engravingcount = None return dict(zonecount=zonecount, groupcount=groupcount, rockcount=rockcount, engravingcount=engravingcount)
def main(global_config, **settings): """ This function returns a Pyramid WSGI application. """ # configure SQLAlchemy engine = engine_from_config(settings, 'sqlalchemy.') DBSession.configure(bind=engine) config = Configurator(settings=settings) # configure the root factory (used for Auth & Auth) root_factory = RootFactory config.set_root_factory(root_factory) # configure session session_factory = session_factory_from_settings(settings) config.set_session_factory(session_factory) # configure auth & auth config.include(anuket.add_authorization) # set an auth_user object config.set_request_property(get_auth_user, 'auth_user', reify=True) # configure subscribers ## config.include(anuket.subscribers) ##Comented to avoid crsf check ##TODO bring back CSRF from pyramid.events import BeforeRender, NewRequest config.add_subscriber(anuket.subscribers.add_renderer_globals, BeforeRender) config.add_subscriber(anuket.subscribers.add_localizer, NewRequest) # configure static views config.include(anuket.add_static_views) # configure routes config.include(anuket.views.root) config.include(anuket.views.tools) config.include(anuket.views.user) #TODO improve this from begotemp.views import geo_zone, geo_group, geo_rock config.include(geo_zone) config.include(geo_group) config.include(geo_rock) ## configure views config.scan('anuket') config.scan() config.add_translation_dirs('anuket:locale') config.set_locale_negotiator('anuket.lib.i18n.locale_negotiator') return config.make_wsgi_app()
def initialize_db(self): """ Initialize the database schema and insert default values. :return: 0 (OK) or 1 (abnormal termination error) """ config_uri = self.args.config_uri settings = get_appsettings(config_uri) engine = engine_from_config(settings, 'sqlalchemy.') DBSession.configure(bind=engine) # check if there is already a versioned database revision = get_alembic_revision(config_uri) if revision: print("This database is versioned. " "Use the upgrade script instead!") return 1 # create the tables (except alembic_version) Base.metadata.create_all(engine) # add default user & group values with transaction.manager: admins_group = AuthGroup() admins_group.groupname = u'admins' admin_user = AuthUser() admin_user.username = u'admin' admin_user.password = u'admin' admin_user.group = admins_group try: DBSession.add(admins_group) DBSession.add(admin_user) DBSession.flush() except IntegrityError: DBSession.rollback() print("There is already a database. " "Use the upgrade script instead!") return 1 # stamp the database with the most recent revision # (and create alembic_version table) try: alembic_cfg = get_alembic_settings(config_uri) stamp(alembic_cfg, 'head') except (AttributeError, ImportError): # pragma: no cover # alembic is missing or not configured pass print("Database initialization done.") return 0
def user_list_view(request): """ Render the user list page. Return a paged user list from the database. The paged list can be ordered by username, first name or last name. Add an error flash message if the list is empty. Return also basic users statistics. :param request: a ``pyramid.request`` object """ _ = request.translate stats = get_user_stats() sortable_columns = ['username', 'first_name', 'last_name'] column = request.params.get('sort') search = request.params.get('search') # construct the query users = DBSession.query(AuthUser) if column and column in sortable_columns: users = users.order_by(column) else: users = users.order_by(AuthUser.username) if search: users = users.filter(AuthUser.username.like('%' + search + '%')) # add a flash message for empty results if users.count() == 0: request.session.flash(_(u"There is no results!"), 'error') # paginate results page_url = paginate.PageURL_WebOb(request) users = paginate.Page(users, page=int(request.params.get("page", 1)), items_per_page=20, url=page_url) return dict(users=users, stats=stats)
def get_by_id(cls, group_id): """ Query the `auth_group` table by `group_id`. :param group_id: the group id :type group_id: integer :return: a ``sqlalchemy.orm.query.Query`` object """ return DBSession.query(cls).get(group_id)
def get_by_email(cls, email=None): """ Query the auth_user table by email. :param username: the user email :type username: unicode :return: a ``sqlalchemy.orm.query.Query`` object """ if email: return DBSession.query(cls).filter(cls.email == email).first()
def get_by_id(cls, user_id=None): """ Query the `auth_user` table by `user_id`. :param user_id: the user id :type username: integer :return: a ``sqlalchemy.orm.query.Query`` object """ if user_id: return DBSession.query(cls).get(user_id)
def get_grouplist(): """ Generate a list of groups from the database. :return: a list of pair values (`group_id`, `groupname`) :rtype: list """ # For use in group select forms. groups = DBSession.query(AuthGroup).order_by(AuthGroup.groupname).all() grouplist = [(group.group_id, group.groupname) for group in groups] return grouplist
def get_by_username(cls, username=None): """ Query the `auth_user` table by username. :param username: the user username :type username: unicode :return: a ``sqlalchemy.orm.query.Query`` object """ if username: return DBSession.query(cls).filter( cls.username == username).first()
def user_add_view(request): """ Render the add user form page. Display an empty user form or validate the user submited form. If the form is validated then add the user datas to the database and a success flash message. If the form is not valid, then display again the form with validation errors. Return also a list of groups to use in the group select form. :param request: a ``pyramid.request`` object """ _ = request.translate grouplist = get_grouplist() form = Form(request, schema=UserForm) if 'form_submitted' in request.params and form.validate(): user = form.bind(AuthUser()) DBSession.add(user) request.session.flash(_(u"User added."), 'success') return HTTPFound(location=request.route_path('tools.user_list')) return dict(renderer=FormRenderer(form), grouplist=grouplist)
def get_alembic_revision(config_uri): """ Check the existence of an alembic revision in the database. If the database is versioned, then return the current revision. :param config_uri: an .ini file :return: the alembic revision value or None """ try: revision = DBSession.query(Migration.version_num).first() except OperationalError: revision = None return revision
def main(global_config, **settings): """ Configure and returns a Pyramid WSGI application. :param global_config: key/values from the [DEFAULT] section of an .ini fine :type global_config: dictionary :param **settings: key/values from the [app:main] section of an .ini fine :return: a ``pyramid.router.Router`` object """ # configure SQLAlchemy engine = engine_from_config(settings, 'sqlalchemy.') DBSession.configure(bind=engine) config = Configurator(settings=settings) # configure the root factory (used for Auth & Auth) root_factory = RootFactory config.set_root_factory(root_factory) # configure session session_factory = session_factory_from_settings(settings) config.set_session_factory(session_factory) # configure auth & auth config.include(add_authorization) # set an auth_user object config.set_request_property(get_auth_user, 'auth_user', reify=True) # configure subscribers config.include(subscribers) # configure static views config.include(add_static_views) # configure routes config.include(root) config.include(tools) config.include(user) # configure views config.scan() # configure i18n config.add_translation_dirs('anuket:locale') config.set_locale_negotiator('anuket.lib.i18n.locale_negotiator') return config.make_wsgi_app()
def user_delete_view(request): """ Delete an user. Seek the database for the user datas based on user_id used in the route. If the user did not exist then add an error flash message and redirect to the user list. If the user exist then delete the user in the database, add a warning flash message and then redirect to the user list. :param request: a ``pyramid.request`` object """ # The confirm delete must be managed by modal messages in the templates, # and we forbid direct deletion from the address bar (no referer) _ = request.translate if not request.referer: request.session.flash(_(u"Insufficient permissions!"), 'error') return HTTPFound(location=request.route_path('home')) user_id = request.matchdict['user_id'] user = AuthUser.get_by_id(user_id) if not user: request.session.flash(_(u"This user did not exist!"), 'error') return HTTPFound(location=request.route_path('tools.user_list')) #forbid the deletion if it's the only admin user if user.group.groupname == u'admins': adminscount = DBSession.query(AuthUser.user_id).join(AuthGroup).\ filter(AuthGroup.groupname == u'admins').\ count() if adminscount == 1: request.session.flash(_(u"Deletion of the only admin forbidden!"), 'error') return HTTPFound(location=request.route_path('tools.user_list')) DBSession.delete(user) request.session.flash(_(u"User deleted."), 'warn') return HTTPFound(location=request.route_path('tools.user_list'))
def main(global_config, **settings): """ This function returns a Pyramid WSGI application. """ # configure SQLAlchemy engine = engine_from_config(settings, 'sqlalchemy.') DBSession.configure(bind=engine) config = Configurator(settings=settings) # configure the root factory (used for Auth & Auth) root_factory = RootFactory config.set_root_factory(root_factory) # configure session session_factory = session_factory_from_settings(settings) config.set_session_factory(session_factory) # configure auth & auth config.include(anuket.add_authorization) # set an auth_user object config.set_request_property(get_auth_user, 'auth_user', reify=True) # configure subscribers config.include(anuket.subscribers) # configure static views config.include(anuket.add_static_views) # configure routes config.include(anuket.views.root) config.include(anuket.views.tools) config.include(anuket.views.user) from anuketexample import views config.include(views) # configure views config.scan('anuket') config.scan() config.add_translation_dirs('anuket:locale') config.set_locale_negotiator('anuket.lib.i18n.locale_negotiator') return config.make_wsgi_app()
def zone_list_view(request): _ = request.translate stats = get_zone_stats() # construct the query zones = DBSession.query(Zone) zones = zones.order_by(Zone.zone_number) # add a flash message for empty results if zones.count() == 0: request.session.flash(_(u"There is no results!"), 'error') # paginate results page_url = paginate.PageURL_WebOb(request) zones = paginate.Page(zones, page=int(request.params.get("page", 1)), items_per_page=20, url=page_url) return dict(zones=zones, stats=stats)
def group_list_view(request): _ = request.translate stats=None sortable_columns = ['group_number', 'zone_number'] #TODO correct zone_number sorting and listing column = request.params.get('sort') # construct the query groups = DBSession.query(Group) if column and column in sortable_columns: groups = groups.order_by(column) else: groups = groups.order_by(Group.group_number) # add a flash message for empty results if groups.count() == 0: request.session.flash(_(u"There is no results!"), 'error') # paginate results page_url = paginate.PageURL_WebOb(request) groups = paginate.Page(groups, page=int(request.params.get("page", 1)), items_per_page=20, url=page_url) return dict(groups=groups, stats=stats)
def get_groups(): return DBSession.query(Group).order_by(Group.group_number).all()
def get_zones(): return DBSession.query(Zone).order_by(Zone.zone_number).all()